Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt
"Paul Quinn (paulq)" <paulq@cisco.com> Sat, 10 September 2016 17:29 UTC
Return-Path: <paulq@cisco.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 919FC12B133 for <sfc@ietfa.amsl.com>; Sat, 10 Sep 2016 10:29:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.029
X-Spam-Level:
X-Spam-Status: No, score=-16.029 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M3Z60CC7EKvC for <sfc@ietfa.amsl.com>; Sat, 10 Sep 2016 10:29:54 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E438A12B122 for <sfc@ietf.org>; Sat, 10 Sep 2016 10:29:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10998; q=dns/txt; s=iport; t=1473528591; x=1474738191; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=Z0p0Svea3ZzhmwdInS6Xk0eexCwCEQhGZG6aa/Bmy8E=; b=gl9KqVtNnKngT+BPb3szhVMgxfj0QVyyPjxxiZZMuEV5pF2SHbuSIA02 VrybkTqPkJphys3MkHmPeOoDlz/16tE06sDaVKf2AAPiMDL5nPqwK7RdD 2Js4dpK6F8W7Uk2Ufmi8fmp1EikjQdFN78vvXmydLPNBQLXQk7W6XD/rt Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AmAQDMQtRX/4oNJK1eGQEBAQEBAQEBAQEBgy0BAQEBAR5XfAeNLKsdggMmghyDWwKBOTgUAQIBAQEBAQEBXhwLhGEBAQEDAQ5XAhIFCwIBCBgVGTIlAgQOBYhCCA7BAgEBAQEBAQEBAQEBAQEBAQEBAQEBARcFhjCBeQiCT4QTEAIBGzINgm6CLwWIMYY2inwBhiSDAoYlgW6EYIkUhneFXoN6AR42hFtwAYVHK4ECfwEBAQ
X-IronPort-AV: E=Sophos;i="5.30,312,1470700800"; d="scan'208";a="147732811"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Sep 2016 17:29:46 +0000
Received: from XCH-ALN-006.cisco.com (xch-aln-006.cisco.com [173.36.7.16]) by alln-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id u8AHTkrc002028 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Sat, 10 Sep 2016 17:29:46 GMT
Received: from xch-rcd-008.cisco.com (173.37.102.18) by XCH-ALN-006.cisco.com (173.36.7.16) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Sat, 10 Sep 2016 12:29:45 -0500
Received: from xch-rcd-008.cisco.com ([173.37.102.18]) by XCH-RCD-008.cisco.com ([173.37.102.18]) with mapi id 15.00.1210.000; Sat, 10 Sep 2016 12:29:45 -0500
From: "Paul Quinn (paulq)" <paulq@cisco.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Thread-Topic: [sfc] WG review for draft-ietf-sfc-nsh-07.txt
Thread-Index: AQHR/V4l7FibCE2gCkSX9qAjBx/2X6Ba4oYggBiIaAA=
Date: Sat, 10 Sep 2016 17:29:44 +0000
Message-ID: <6D3898EC-1CC4-4771-8F04-D6D1BAFE35AF@cisco.com>
References: <98638C8E-3C9D-4C87-AA1F-90E95A3F001C@cisco.com> <787AE7BB302AE849A7480A190F8B933008E099F0@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B933008E099F0@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.19.171]
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <F86FAB5CE4F76940A45193370C9AC104@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/FVGhjSVFJuhSZQeGRfV1FcVVIfU>
Cc: "Jim Guichard (jguichar)" <jguichar@cisco.com>, "sfc@ietf.org" <sfc@ietf.org>
Subject: Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Sep 2016 17:29:57 -0000
Med, Med, as always, thank you for your review. > On Aug 26, 2016, at 5:31 AM, mohamed.boucadair@orange.com wrote: > > Hi Jim, all, > > Likewise, I would like to see this document progress as well. > > In addition to the comment raised in a separate message about the C-bit of TLVs, I have the following comments: > > (1) Section 2: I suggest to delete the following sentence: > > NSH is designed to be easy to implement across a range of devices, > both physical and virtual, including hardware platforms. > > Reason: the use of "easy to implement" should be justified if that text is maintained. Otherwise, this is subjective. > > or to reword it as follows: > > "NSH can be implemented in both physical and virtual platforms." PQ> The "easy to implement" is a reference to the nature of type-1 and how, as noted by hardware implementors, this vastly simplifies implementation. Further, the language is widely used in RFCs (e.g. 7321, 3160, etc.). > > (2) Section 2.3: I suggest to change this OLD text: > > The semantics of > the shared metadata is communicated via a control plane, which is > outside the scope of this document, to participating nodes. > > NEW: > > The semantics of > the shared metadata is communicated via a control plane (Section 3.3 of [I-D.ietf-sfc-control-plane]). > PQ> Proposed text: "The semantics of the shared metadata is communicated via a control plane, which is outside the scope of this document, to participating nodes. [ietf-sfc-control-plane] provides an example of such in section 3.3. > (3) Section 2.3- Not sure I would maintain this text: > > 5. NSH offers a common and standards-based header for service > chaining to all network and service nodes. > > "to all" is not accurate as "legacy" nodes are still there. > PQ> Given that "legacy" nodes are supported via proxy, this is indeed true. > (4) Section 2.3: > > OLD: > Transport Agnostic: NSH is transport independent and is often > carried via a network transport protocol, > > NEW: > Transport Agnostic: NSH is transport independent. Any network transport protocol can be used to transport NSH-encapsulated traffic. PQ> Proposed text: NSH is transport independent. An appropriate (for a given deployment) network transport protocol can be used to transport NSH-encapsulated traffic. > > (5) Section 3.2: > > NSH implementations MUST support MD-Type = 0x1, and SHOULD support > MD- Type = 0x2. > > Because: > * of potential interoperability issues. > * MD#2 is more compact when no metadata is to be supplied > * MD#2 allows to convey more information compared to MD#1 > > I suggest we revisit that sentence to have MD#2 be mandatory to be supported (my favorite option), or at least require that both MDs defined in this spec MUST be supported. > PQ> As per the previous discussion, this MUST/SHOULD reflect the practical reality of implementation and helps ensure deployability. > (6) Section 3.2: > > C bit: Indicates that a critical metadata TLV is present. This bit > acts as an indication for hardware implementers to decide how to > handle the presence of a critical TLV without necessarily needing to > parse all TLVs present. For an MD Type of 0x1 (i.e. no variable > length metadata is present), the C bit MUST be set to 0x0. > > 6.1. What is the behavior of the implementation if C-bit is set but not critical metadata is found in the payload? > 6.2. What is the behavior of the implementation if C-bit is unset but a critical metadata is found in the payload? > 6.3. What is the behavior of the implementation with regards to this bit if a critical metadata is added in-path? > 6.4. What is the behavior of the implementation with regards to this bit if a critical metadata is stripped in-path? > 6.5. Should the specification recommend an order of metadata so that critical metadata are always positioned first? PQ> 6.1: essentially continue "as is" with an optional warning message 6.2: generate an warning error, possibly set C 6.3: the adder sets C 6.4: the remover clears C 6.5: no, this creates too many limitations/complexity. An implementation might opt to optimize. > > (7) Section 3.3: The following text > > " ... however the > control plane MAY configure the initial value of SI as appropriate > (i.e. taking into account the length of the service function path). " > > is not aligned with the outcome of the discussion we had during the WG LC of draft-ietf-sfc-control-plane (https://www.ietf.org/mail-archive/web/sfc/current/msg04594.html): > > The control plane must instruct the classifier about the initial > values of the Service Index (SI). > PQ> The control plane can assign but NSH provides a default value recommendation, I'm not sure there's a conflict. > 7.1. I suggest to modify NSH draft accordingly. PQ> I'm not clear what you are suggesting? > 7.2. Please consider adding a reference to draft-ietf-sfc-control-plane PQ> I'll update. > > (8) Section 3.4: I still do think this section is underspecified. E.g., > > 8.1. The use of "Mandatory Context Header" conflicts with this text in Section 3: > > A Network Service Header (NSH) contains service path information and > optionally metadata that are added to a packet or frame and used to > ^^^^^^^^^^^^^^^^^^^ > create a service plane. > > 8.2. The specification does not forbid that all context headers are set to zero. Otherwise, MD#2 should be used instead. PQ> In either care, 1 or 2, no metadata is valid: all zeroes in type 1 or no data in type 2. > 8.3. The specification does not specify how these context headers are to be validated. PQ> By validated, so you mean cryptographically asserted, or simply compared to known value? In either case, that is outside of the scope of this draft. > 8.4. I still don't understand why four headers are chosen. PQ> As per previous discussions, based experience, use case and implementation, four strikes a balance. The widespread implementations of type 1 support this. > > (9) Section 3.5.1: > > The length of "Metadata Class" is over-dimensioned. I suggest to reduce the length of this field and increase the length of "Type". > > For example, let's consider the proposal in https://tools.ietf.org/html/draft-napper-sfc-nsh-broadband-allocation-00#section-4.2: > > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | TLV Class = 3GPP |C| Type |R|R|R| Len | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Data ... > +-+-+-+-+-+-+-+-+ > > Figure 5: TLV Allocation > > The intended use of the header is for TLVs associated with 3GPP Radio > Access Networks as described in [TS.29.230]. This TLV can be used by > 3GPP to extend the metadata as per use cases. Having this TLV helps > to carry more information that does not fit within the MD Type 0x01. > > The list of codes in Table 7.1 of TS.29.230 cannot be conveyed with a "Type" field of 7 bits. PQ> At this point, the allocation seems reasonable, provides for a large range of "owners", and the TLV schemes proposed work within this scope. > > (10) Section 4: > > OLD: > > +---------------+------------------+-------+----------------+---------+ > | | Insert |Select | Update |Service | > | | or remove NSH |Service| NSH |policy | > | | |Function| |selection| > | Component +--------+--------+Path +----------------+ | > | | | | | Dec. |Update | | > | | Insert | Remove | |Service |Context| | > | | | | | Index |Header | | > +----------------+--------+--------+-------+--------+-------+---------+ > | | + | + | | | + | | > |Classifier | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |Service Function| | + | + | | | | > |Forwarder(SFF) | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |Service | | | | + | + | + | > |Function (SF) | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |SFC Proxy | + | + | | + | | | > +----------------+--------+--------+-------+--------+-------+---------+ > > NEW: > > +---------------+------------------+-------+----------------+---------+ > | | Insert |Select | Update |Service | > | | or remove NSH |Service| NSH |policy | > | | |Function| |selection| > | Component +--------+--------+Path +----------------+ | > | | | | | Dec. |Update | | > | | Insert | Remove | |Service |Context| | > | | | | | Index |Header | | > +----------------+--------+--------+-------+--------+-------+---------+ > | | + | + | | | + | | > |Classifier | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |Service Function| | + | + | | | | > |Forwarder(SFF) | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |Service | | | | + | + | + | > |Function (SF) | | | | | | | > +--------------- +--------+--------+-------+--------+-------+---------+ > |SFC Proxy | + | + | | + | + | | > +----------------+--------+--------+-------+--------+-------+---------+ PQ> Just to be clear (formatting was a bit off in the email): In the last line, SFC Proxy, add "Update Context Header"? > > (11) Section 7.2: Please consider adding an IPv6 example. PQ> Happily.
- [sfc] WG review for draft-ietf-sfc-nsh-07.txt Jim Guichard (jguichar)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Andrew G. Malis
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt mohamed.boucadair
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Shunsuke Homma
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Dave Dolson
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Duarte Cardoso, Igor
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Paul Quinn (paulq)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Paul Quinn (paulq)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Paul Quinn (paulq)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Dave Dolson
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Dave Dolson
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Paul Quinn (paulq)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Dave Dolson
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Paul Quinn (paulq)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Dave Dolson
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt mohamed.boucadair
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Jim Guichard (jguichar)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt Jim Guichard (jguichar)
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt mohamed.boucadair
- Re: [sfc] WG review for draft-ietf-sfc-nsh-07.txt mohamed.boucadair